cr.hub processes personal data of its users only to the extent necessary to provide a functional website and our content and services.
Insofar as we obtain your consent for processing operations of personal data, Art. 6 (1) lit. a EU Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which you are a party, Art. 6 (1) lit. b GDPR serves as the legal basis.
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the cr.hub is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
1. What data we collect, for what purpose, and how long we store the data
In order to be able to offer you the full range of cr.hub, we need some information. Here we describe which personal data we collect and process, how we use it and how long we store it. As soon as a newsletter is subscribed to or a profile is created, cr.hub creates an entry in a database. In the table below, we have detailed the information that cr.hub collects, depending on the particular activity on the website.
|Data collected||How we collect the data||For what purpose we collect the data||How long we keep the data|
|First name, surname||Accession to the network requires the provision of name and surname||Member administration (Art. 6 para. 2 lit. b GDPR)||Deletion within one month after resignation|
|E-mail address||To subscribe to the newsletter, join the network or use the comment function in the blog area, an email address must be provided||Member administration dissemination of information (Art. 6 para. 2 lit. b GDPR) Public relations (Art. 6 para. 1 lit. a GDPR)||Deletion within one month after resignation or deregistration|
|Sector||To join the network, you must be assigned to a sector||Dissemination of sector-specific information or invitations to events (Art. 6 para. 2 lit. b GDPR)||Deletion within one month after resignation|
|Mailing address||To join the network, you may specify your postal address||Member administration and communication, public relations (Art. 6 para. 1 lit. a GDPR)||Deletion within one month after resignation|
|Homepage, LinkedIn-address, Twitter-address||To join the network, these data may be specified||Communication and public relations (Art. 6 para. 1 lit. a GDPR)||Deletion within one month after resignation|
|Personal introduction (max. 60 characters)||To join the network, you may introduce yourself personally||Communication within the network (Art. 6 para. 1 lit. a GDPR)||Deletion within one month after resignation|
|Information about the browser type and version used; The user’s operating system; The user’s IP address; Date and time of access; Websites from which the user’s system reached our website||Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer. The data is stored in the log files of our system. This data is not stored together with other personal data of the user.||The storage in log files takes place to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place. (Art. 6 para. 1 lit. f GDPR)||7 days|
|Username||When using the comment function on the website, a username may be specified||We use this voluntary information for public relations on the website (Art. 6 para. 2 lit. a GDPR)||Deletion upon request|
2. Who can access your personal user data
In this section we explain who may receive user data when it is shared through our website or by cr.hub itself. This site does not use social media plugins, website analytics services or advertising and marketing services.
Within the cr.hub, only the initiators have access to personal user data. All initiators who handle personal data are obliged in writing to handle personal data confidentially.
If you contact cr.hub by e-mail, telephone or fax, your enquiry including all personal data resulting from it (name, enquiry) will be stored and processed at cr.hub for the purpose of processing your request. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the enquiries addressed to cr.hub (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.
The data you send to us via contact requests will remain with cr.hub until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
Publication on the internet
For the comment function in the blog area of the website, in addition to your comment, information on the time of the creation of the comment, your e-mail address and, if you do not post anonymously, the username you have chosen will be stored. Your username, the time of your comment and your comment will be published on the website. If you do not want this data to be displayed publicly, you should not use the comment function.
cr.hub points out that sufficient technical measures have been taken to ensure data protection. Nevertheless, comprehensive data protection cannot be guaranteed when publishing personal data on the Internet. Therefore, you acknowledge the risks of a possible violation of personal rights and are aware that: the personal data can also be accessed in countries that do not have data protection regulations comparable to those of the Federal Republic of Germany, and the confidentiality, integrity (inviolability), authenticity (genuineness) and availability of the personal data cannot be guaranteed. You make the decision to publish your data on the internet voluntarily and can revoke your consent to cr.hub at any time.
The website is hosted by an external service provider (hoster). The provider of the hosting service is WebhostOne GmbH, Rheinvogtstraße 7, D-79713 Bad Saeckingen. Personal data collected on this website is stored on the hoster’s servers.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data. cr.hub signed a contract for commissioned data processing with WebhostOne GmbH. Information on the data protection of WebhostOne GmbH can be found here.
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.
For this purpose, the browser you use must connect to Google’s servers. This informs Google that your IP address has been used to access this website. The use of Google WebFonts is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
If your browser does not support web fonts, a standard font from your computer will be used.
3. Data processing by social networks
cr.hub maintains publicly accessible profiles on social networks. The individual social networks used by us can be found below.
Social networks such as LinkedIn, Twitter etc. can usually comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting the social media presences of cr.hub, numerous data protection-relevant processing operations are triggered. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. Provided you have an account with the respective social network, the interest-based advertising may be displayed on all devices on which you are or were logged in.
Our social media presences are intended to ensure the most comprehensive possible presence on the internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).
Responsible person and assertion of rights
If you visit one of our social media sites (e.g. LinkedIn), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis LinkedIn).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
The data collected directly by us via the social media presence is deleted from cr.hub’s systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
Social networks in detail
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn has certification under the EU-US Privacy Shield. LinkedIn uses advertising cookies.
Our website uses so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit.
5. Your rights regarding privacy
Via email@example.com you can exercise the following rights at any time:
- Information about your data stored with us and its processing (Art. 15 GDPR)
- Correcting incorrect personal data (Art. 16 GDPR)
- Deletion of your data stored with us (Art. 17 GDPR)
- Restriction of data processing, provided that we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR)
- Objection to the processing of your data by us (Art. 21 GDPR)
- Data transferability, if you have consented to data processing or have concluded a contract with us (Art. 20 GDPR).
You may at any time submit a complaint to the supervisory authority responsible for you. Your competent supervisory authority depends on the federal state of your residence, your work or the suspected violation of the GDPR. You can find a list of the supervisory authorities at www.bfdi.bund.de.
6. Name and address of the responsible person
The responsible persons in the sense of the GDPR and other national data protection laws of the member states as well as other data protection regulations are:
Simon Göß, Hendrik Schuldt, André Presser, David List
c/o Simon Göß
Cambridger Str. 19
We reserve the right to adapt this data protection declaration so that it always complies with current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection declaration will then apply to your next visit.
If you have any questions regarding data protection, you can contact us at firstname.lastname@example.org.